DEBIAN-CVE-2011-0522
- Source
- https://security-tracker.debian.org/tracker/CVE-2011-0522
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2011-0522.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2011-0522
- Upstream
- Published
- 2011-02-07T21:00:15.477Z
- Modified
- 2025-11-19T01:01:56.065643Z
- Summary
- [none]
- Details
-
The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv.
- References
Affected packages
Debian:11 / vlc
Package
- Name
- vlc
- Purl
- pkg:deb/debian/vlc?arch=source
Debian:12 / vlc
Package
- Name
- vlc
- Purl
- pkg:deb/debian/vlc?arch=source
Debian:13 / vlc
Package
- Name
- vlc
- Purl
- pkg:deb/debian/vlc?arch=source
Debian:14 / vlc
Package
- Name
- vlc
- Purl
- pkg:deb/debian/vlc?arch=source